akoK Опубликовано 16 ноября, 2009 Опубликовано 16 ноября, 2009 Деинсталлируйте ComboFix: нажмите Пуск => Выполнить в окне наберите команду Combofix /u, нажмите кнопку "ОК" Скачайте OTCleanIt или с зеркала, запустите, нажмите Clean up
vetal07 Опубликовано 17 ноября, 2009 Автор Опубликовано 17 ноября, 2009 Готово. А что это за папка у меня на диске C:\32788R22FWJFW ? В ней запускающий файл cmd.
snifer67 Опубликовано 17 ноября, 2009 Опубликовано 17 ноября, 2009 Готово.А что это за папка у меня на диске C:\32788R22FWJFW ? В ней запускающий файл cmd. Проверьте эти файлы на http://www.virustotal.com/ru/ отпишите результате.
vetal07 Опубликовано 17 ноября, 2009 Автор Опубликовано 17 ноября, 2009 (изменено) Проверил запускающий: MD5: e73e101b533d0951de69be3c6c9cf3e4 First received: 2009.02.21 23:53:50 UTC Дата: 2009.02.21 23:53:50 UTC [>268D] Результаты: 0/35 Permalink: analisis/c28b379a5139b4e8d6e0a515a88d696c1a219b03ca8c96955cf08ad587c403f1-1235260430 Там еще есть запускающий AspackDie, антивирус на него ругается. MD5: f673d8f61a32ff0e550f6985b194dbbf First received: 2006.06.21 22:15:15 UTC Дата: 2009.11.05 18:14:23 UTC [>11D] Результаты: 0/40 Permalink: analisis/465e075688109b59ce08d12499751a6eff19cc825941e9d4dec9b792ae5220d5-1257444863 Все файлы не могу проверить их там 185 Хм... еще я нашел на диске С файл Bug.txt Раскрывающийся текст: PUSHD C:\32788R22FWJFW SET "Comspec=C:\32788R22FWJFW\cmd.cfxxe" IF NOT EXIST C:\WINDOWS\system32\cmd.exe GOTO Not_NT VER 1>OsVer GREP.cfxxe -F "5.1.2" OsVer 1>XP.mac IF 0 == 0 GOTO NT GREP.cfxxe -isq "ProductType.*WinNT" WinNT00 || GOTO Not_NT Error: Key: system\currentcontrolset\control\safeboot\option does not exist! IF NOT EXIST NircmdB.exe COPY /Y Nircmd.cfxxe NircmdB.exe 1>N_\31572 2>&1 PEV UZIP License\pv_5_2_2.zip .\ MOVE /Y PV.exe PV.cfxxe 1>N_\19243 2>&1 IF NOT EXIST PEV.cfxxe COPY /Y PEV.exe PEV.cfxxe 1>N_\32367 2>&1 SED "/^PATH=/I!d; s///; s/\x22//g" Oripath 1>OriPath00 PEV -rtf -s+901 .\OriPath00 && ( SED -r "s/\x22//g; s/(.{900}).*/\1/; s/;[^;]*$//" OriPath00 1>OriPath01 FOR /F "TOKENS=*" %G IN (OriPath01) DO @SET "PATH=C:\32788R22FWJFW;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;%G" ) IF NOT EXIST OriPath01 FOR /F "TOKENS=*" %G IN (OriPath00) DO SET "PATH=C:\32788R22FWJFW;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;%G" SET "PATH=C:\32788R22FWJFW;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\OpenVPN\bin" PEV -rtf -c:##5# .\* and { License.exe or 32788R22FWJFW.exe or OsVer.exe or WinNT.exe or N_.exe } 1>temp00 && ( PV -o%f * 1>temp01 PEV -tf -t!o -files:temp01 -c:##5#b#f# 1>temp02 GREP -Fif temp00 temp02 1>temp03 SED "/.* /!d; s///" temp03 1>temp04 SED ":a; $!N; s/\n/\x22 \x22/; ta; s/.*/\x22&\x22/" temp04 1>temp05 FOR /F "TOKENS=*" %G IN (temp05) DO @NIRCMD KILLPROCESS %G ) ’ҐЄгй п Є®¤®ў п бва Ёж : 1251 CALL :MDCheck PEV -rtf -md5907FF9D69304865D4972EB552DFC87E7 .\md5sum.pif || CALL :MDFaiL ChkSum_Fail .\md5sum.pif PEV -tf -files:files.pif -c:##5#b#f# 1>mdCheck00.dat GREP -vs "^!MD5:" mdCheck00.dat 1>mdCheck0a.dat GREP -Fvf md5sum.pif mdCheck0a.dat 1>mdCheck01.dat && CALL :MDFaiL GOTO :EOF ============================================= ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Администратор\Application Data cfExt=cfxxe CFLDR=32788R22FWJFW Chksum=907FF9D69304865D4972EB552DFC87E7 CLIENTNAME=Console Command switches used=Command switches used CommonProgramFiles=C:\Program Files\Common Files Completion time=Completion time COMPUTERNAME=MICROSOF-06013C ComSpec=C:\32788R22FWJFW\cmd.cfxxe Connecting to=Connecting to Connecting to ComboFix servers=Connecting to ComboFix servers Cryptography Services Error=Cryptography Services Error Disclaimer=The following websites are not in any way affiliated to ComboFix:~n~n http://www.combofix.org/~n http://www.combofixdownload.com/~n~nIf you have purchased anything from them, I suggest you instruct your~nfinanciers to cancel the transaction.~n~n ----------------------- -----------------------~n~nA guide on proper ComboFix usage may be found at:~nhttp://www.bleepingcomputer.com/combofix/how-to-use-combofix~n~nComboFix is meant for private use. It should never be used in an~nunsupervised environment. If infections are found, it will automatically~nreboot the machine to complete the removal process. Please ensure all~nopened windows are closed before proceeding.~n~nThis software is provided 'as is', without warranty of any kind. All~nimplied warranties are expressly disclaimed. If you do not agree to the~nabove terms, please click No to exit" "DISCLAIMER OF WARRANTY ON SOFTWARE. DLLs Loaded Under Running Processes=DLLs Loaded Under Running Processes Drivers/Services=Drivers/Services Fail2Delete=failed to delete File Associations=File Associations File Replicators=File Replicators Files Infected - Patched=Files Infected - Patched FIREFOX POLICIES=FIREFOX POLICIES FP_NO_HOST_CHECK=NO hidden files=hidden files HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Администратор is infected=is infected is missing=is missing KMD=CF165.exe Line1=Please wait. Line10=ComboFix has detected the presence of rootkit activity and needs to reboot the machine~nKindly note down on paper, the name of each file. We may need it later~n~n%~G" "Rootkit ! Line10A=ComboFix has detected the presence of rootkit activity and needs to reboot the machine" "Rootkit ! Line11=Scanning for infected files . . . Line12=This typically doesn't take more than 10 minutes Line13=However, scan times for badly infected machines may easily double Line14=%G ...... driver unloaded successfully. Line15=Rootkit driver %G is still present. A rootkit scan is required Line16=ComboFix has changed your clock settings. Line17=Do not change it back. It shall be restored later Line18=ComboFix encountered a terminal error! Please upload this file - C:\ComboFix_error.dat Line19=to: http://www.bleepingcomputer.com/submit-malware.php?channel=4 Line2=ComboFix is preparing to run. Line20=Preparing Log Report. Line21=Do not run any programs until ComboFix has finished Line22=No new files created in this timespan Line23=*Note* empty entries ^& legit default entries are not shown Line24=Contents of the 'Scheduled Tasks' folder Line25=Almost done . . This window will close in a short while Line26=Please wait a few seconds for the report log to pop up Line27=ComboFix's log shall be located at C:\COMBOFIX.TXT Line28=Rebooting Windows . . . Please wait Line29=Please allow ComboFix to reboot the machine. Line3=You need Administrative privileges to run this tool" "Not Admin ! Line30=Overlay aborted ... Please run ComboFix once more Line31=Date Error: ~%CurrDate.yyyy-MM-dd%~n~nCheck your settings" "DATE ERROR Line32=C:\WINDOWS\system32\HAL.DLL is missing !~n~nIt's IMPORTANT that you DO NOT reboot/shutdown the machine~n~nPost to the forums for immediate help. Do not click OK until further instructed" "CRITICAL WARNING ! Line33=ComboFix needs to submit malware files for further analysis.~n~nPlease ensure that you're connected to the internet before clicking OK" "Submit Files for further analysis Line34=Submit malware to Bleeping Computer for analysis. Line35=Copy/Paste the filepath below into the box above and click Send. Line36=Infected copy of %~1 was found and disinfected Line36A=Restored copy from - %~2 Line37=%~1 . . . is infected! Line38=((((((((((((((((((((((((( Files Created from %thirty% to %dateX% ))))))))))))))))))))))))))))))) Line39=(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) Line4=C:\WINDOWS\regedit.exe is missing~n~nCopy one from another machine" "Terminal Error - Missing file Line40=Webserver appears to be temporarily inaccessible.~nFor your convenience, ComboFix created a submissions form located at:~n~n* C:\CF-Submit.htm~n~nPlease use that to manually upload it later. " "Upload Failed! Line41=((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) Line42=((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) Line43=Deleting Files: Line43A=Deleting Folders: Line44=- REDUCED FUNCTIONALITY MODE - Line45=SafeBoot registry key needs repairs. This machine cannot enter Safe Mode. Line46=scanning hidden processes ... Line47=scanning hidden autostart entries ... Line48=scanning hidden files ... Line49=-- Snapshot reset to current date -- Line5=Current date is ~%CurrDate.yyyy-MM-dd%. ComboFix has expired~n~nClick 'Yes' to run in REDUCED FUNCTIONALITY mode~n~nClick 'No' to exit" "Version_%ver_CF% Line50=ComboFix is uninstalled" "Info Line51=Will only install the Recovery Console for Windows XP Line52=Boot Partition cannot be enumerated correctly Line53=%BootDir%Boot.ini is not correctly formated Line54=This machine already has the Recovery Console installed.~n~nAborting operations Line55=Please click 'YES' in the End User License Agreement (EULA) dialog that follows ..." "Installing the Recovery Console Line56=Installation file - %~G - cannot be found Line57=You didn't select YES~n~nInstallation is aborted Line58=Contents of %BootDir%cmdcons are not in order.~n~nPlease disable your security programs before trying again Line59=Congratulations! The Microsoft Recovery Console was successfully installed.~n~nOn each restart of the machine, a black screen will offer you the option to boot into recovery console mode.~nFor normal use, just ignore the black screen. Windows shall boot normally in 2 seconds~n~nClick 'Yes' to continue scanning for malware" "Info Line6=Were you trying to run CFScript?~n~nThe name, CFScript appears to be incorrectly spelt" "CFScript Name Error Line60=Click 'Yes' to continue scanning for malware~n~nClick 'No' to exit" "What's next ? Line62=There's a newer version of ComboFix available.~n~nWould you like to update ComboFix?" "Update Line63=--- WARNING ! ---~n~nA critical update is required.~n~nComboFix shall now update itself.~n~n--- WARNING ! ---" "Mandatory Update Line64=Failed to download updated copy.~n~nWill continue with existing copy" "Failed Download Line65=ComboFix shall now restart" "Updated Line66=Interference detected~n~nPlease perform a Rootkit Scan" "Abort! Line67=You cannot rename ComboFix as %FileName%~n~nPlease use another name, preferbaly made up of alphanumeric characters Line68=%cd% not in expected location~n~n Inform sUBs now! Line69=ComboFix effected repairs on missing C:\WINDOWS\system32\hal.dll Line7=Attempting to create a new System Restore point Line70=This machine does not have the 'Microsoft Windows recovery console' installed~n~nWithout it, ComboFix shall not attempt the fixing of some serious infections.~n~nClick 'Yes' to have ComboFix download/install it.~n~nNOTE: this requires an active internet connection." "Microsoft Windows Recovery Console Line71=Click 'Yes' if this is a WINDOWS XP *HOME EDITION* machine" "XP Home Edition Line72=Failed to download required files. Aborting ... ~n~nShall continue scanning for malware Line73=Internal error! Failed to enumerate download path. ~n~nAborting ... Shall continue scanning for malware Line74=You do not appear to be connected to the internet. Kindly connect before clicking 'OK' Line75=The following files were trying to attach to ComboFix. They shall be disabled~nKindly note down on paper, the name of each file. We may need it later~n~n%~G" "Parasites found ! Line76=ComboFix has detected the following real time scanner(s) to be active:~n~n%G~n~nAntivirus and intrusion prevention programs are known to interfere~nwith ComboFix's running. This may lead to unpredictable results or~npossible machine damage.~n~nPlease disable these scanners before clicking 'OK'." "Warning ! Line77=%G~n~nThe above real time scanner(s) are still active but ComboFix shall~ncontinue to run. Kindly note that this is at your own risk" "Warning ! Line78=%~1 was missing Line79=%~1 . . . is missing! Line8=Rich text formats (RTF) are unacceptable !~n~nPlease save CFScript commands as a textfile, using Notepad.exe" "ERROR - Script format is incorrect Line80=! ALERT ! It is NOT SAFE to continue!~n~nThe contents of the ComboFix package has been compromised.~nPlease download a fresh copy from:~n~nhttp://www.bleepingcomputer.com/combofix/how-to-use-combofix~n~nNote: You may be infected with a file patching virus 'Virut'" "Error Line81=ComboFix's script appears tampered. It is not safe to continue.~nComboFix shall now exit. Please inform the forum helper that's aiding~nyou. Unless further instructed to do so, do not run ComboFix again." "Failed Verification Line82=Webserver appears to be temporarily inaccessible.~nFor your convenience, a zipped file has been created at:~n~nC:\CFCollect.zip~n~nPlease upload the file to BleepingComputer~n~nDo not forget to fill in the 'Comments' section" "Upload Failed! Line83=[COLOR=RED]NETSVCS REQUIRES REPAIRS - current entries shown[/COLOR] Line84=http://download.bleepingcomputer.com/sUBs/ComboFix.exe~nhttp://www.forospyware.com/sUBs/ComboFix.exe~n~nComboFix.exe may be downloaded from any of the above sites. If you~nhave downloaded from some other site, there's a likely chance that it~nmay be tainted. For peace of mind, I suggest that you delete the current~ncopy and get a fresh one." "Caution Line85=[color=red]Manual Fix is required for restoring CommonStartup[/color] Line9=Rootkit driver %G is present. ... attempting disinfection Line90=ComboFix needs to perform a deeper scan Line91=This should not take more than 10-15 minutes Line92=Infected HTML files detected. Line93=ComboFix will now attempt to disinfect Line94=This is going to take some time Line95=Disinfection complete ! ... continuing Log Report preparation Line96=Recovery in Progress . . . Line97=WARNING ! Do not manually reboot the machine yourself LOCKED REGISTRY KEYS=LOCKED REGISTRY KEYS LOGONSERVER=\\MICROSOF-06013C machine was rebooted=machine was rebooted not completed=not completed NUMBER_OF_PROCESSORS=2 ORPHANS REMOVED=ORPHANS REMOVED OS=Windows_NT Other Running Processes=Other Running Processes Other Services/Drivers In Memory=Other Services/Drivers In Memory Path=C:\32788R22FWJFW;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\OpenVPN\bin PATHEXT=.cfxxe;.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH Possible infected sites=Possible infected sites Post-Run=Post-Run Pre-Run=Pre-Run Previous Run=Previous Run PROCESS=PROCESS PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel PROCESSOR_LEVEL=15 PROCESSOR_REVISION=0209 ProgramFiles=C:\Program Files PROMPT=$ Qrntn=C:\Qoobox\Quarantine RecoveryConsole=WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED ! Resident AV is active=Resident AV is active RestorePoint= * Created a new restore point RKEY_=hklm\software\microsoft\windows nt\currentversion\windows Running from=Running from scan completed successfully=scan completed successfully SESSIONNAME=Console sfxcmd="E:\Виталика\ComboFix\ComboFix.exe" /u sfxname=E:\Виталика\ComboFix\ComboFix.exe Stage=Completed Stage_ Supplementary Scan=Supplementary Scan SYSDIR=C:\WINDOWS\system32 SYSTEM=C:\WINDOWS\system32 SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\АДМИНИ~1\LOCALS~1\Temp The following files were disabled during the run=The following files were disabled during the run TMP=C:\DOCUME~1\АДМИНИ~1\LOCALS~1\Temp Upload was successful=Upload was successful Uploading files to server=Uploading files to server USERDOMAIN=MICROSOF-06013C USERNAME=Администратор USERPROFILE=C:\Documents and Settings\Администратор Ver_CF=09-11-08.03 windir=C:\WINDOWS ============================================= IF NOT DEFINED sfxname GOTO END GREP -F \ temp01 && CALL :Aux IF NOT DEFINED RKEY_ GOTO :EOF IF /I "RKEYB" EQU "RKEYB" GOTO RKEYB GREP -Fi "C:\WINDOWS\system32\userinit.exe" Userinit00 || (SWREG ADD "hklm\software\microsoft\windows nt\currentversion\winlogon" /v Userinit /d "C:\WINDOWS\system32\userinit.exe," ) Userinit REG_SZ C:\WINDOWS\system32\userinit.exe, SET SfxCmd 1>SET00 SED -r "/SfxCmd=/I!d; s///; s/\s*$//; s/^(\x22[^\x22]*\x22|[^\x22]\S*) +//; s/^\x22*E:\\Виталика\\ComboFix\\ComboFix.exe\x22*//I; s/^([^\x22]\S*)/@SET SfxCmd=\x22\1\x22/; s/^(\x22.*)/@SET SfxCmd=\1/" SET00 1>sfx.cmd DEL /A/F SET00 ECHO."E:\Виталика\ComboFix\ComboFix.exe"1>MSName00 GREP -Ei "\\(wscntfy|winlogon|wininit|nvsvc|lsm|lsass|iexplore|svchost|spoolsv|smss|slsvc |services|explorer|ctfmon|csrss|alg)\.....$" MSName00 && ( CALL :MSNAME "E:\Виталика\ComboFix\ComboFix.exe" CALL MsName.bat ) ATTRIB +R "E:\Виталика\ComboFix\ComboFix.exe" @SET SfxCmd="/u" CALL sfx.cmd CALL AV.cmd SET /a AVCount+=1 NIRCMD EXEC HIDE PV -d9000 -kf CSCRIPT.EXE CSCRIPT.exe //NOLOGO //E:VBSCRIPT //B //T:08 av.vbs PV -kf CSCRIPT.exe PV.* Killing 'CSCRIPT.exe' Killing 'PV.*' IF NOT EXIST AvBlack00 GREP -Fsf AVBlack resident.txt 1>AvBlack00 && ( SED -r "s/\x22//g; s/.*\) //; s/.*(\{.{8}-.{4}-.{4}-.{4}-.{12}\}).*/\1/" AvBlack00 1>AvBlack01 FOR /F "TOKENS=*" %G IN (AvBlack01) DO @CSCRIPT.EXE //NOLOGO //E:VBSCRIPT //T:5 wmi_rem.vbs "%~G" NIRCMD EXEC HIDE PV -d6000 -kf CSCRIPT.EXE CSCRIPT.exe //NOLOGO //E:VBSCRIPT //B //T:08 av.vbs PV -kf CSCRIPT.exe PV.* ) GREP -Fivf AVWhite resident.txt | GREP -E "^(AV|SP): .*enabled\* \(" 1>AVChk && ( SED -r "s/^AV:/antivirus: /; s/^SP:/antispyware: /; s/ \*(On-access scanning |)enabled\*.*//" AVChk | SED ":a; $!N;s/\n/~n/;ta" 1>AVChkB NIRCMD LOOP 2 80 BEEP 3000 200 IF 1 LEQ 1 FOR /F "TOKENS=*" %G IN (AVChkB) DO @NIRCMD INFOBOX "ComboFix has detected the following real time scanner(s) to be active:~n~n%G~n~nAntivirus and intrusion prevention programs are known to interfere~nwith ComboFix's running. This may lead to unpredictable results or~npossible machine damage.~n~nPlease disable these scanners before clicking 'OK'." "Warning !" "" && GOTO Av-check IF 1 GTR 1 FOR /F "TOKENS=*" %G IN (AVChkB) DO @NIRCMD INFOBOX "%G~n~nThe above real time scanner(s) are still active but ComboFix shall~ncontinue to run. Kindly note that this is at your own risk" "Warning !" "" ) SET /a AVCount+=1 NIRCMD EXEC HIDE PV -d9000 -kf CSCRIPT.EXE CSCRIPT.exe //NOLOGO //E:VBSCRIPT //B //T:08 av.vbs PV -kf CSCRIPT.exe PV.* IF NOT EXIST AvBlack00 GREP -Fsf AVBlack resident.txt 1>AvBlack00 && ( SED -r "s/\x22//g; s/.*\) //; s/.*(\{.{8}-.{4}-.{4}-.{4}-.{12}\}).*/\1/" AvBlack00 1>AvBlack01 FOR /F "TOKENS=*" %G IN (AvBlack01) DO @CSCRIPT.EXE //NOLOGO //E:VBSCRIPT //T:5 wmi_rem.vbs "%~G" NIRCMD EXEC HIDE PV -d6000 -kf CSCRIPT.EXE CSCRIPT.exe //NOLOGO //E:VBSCRIPT //B //T:08 av.vbs PV -kf CSCRIPT.exe PV.* ) GREP -Fivf AVWhite resident.txt | GREP -E "^(AV|SP): .*enabled\* \(" 1>AVChk && ( SED -r "s/^AV:/antivirus: /; s/^SP:/antispyware: /; s/ \*(On-access scanning |)enabled\*.*//" AVChk | SED ":a; $!N;s/\n/~n/;ta" 1>AVChkB NIRCMD LOOP 2 80 BEEP 3000 200 IF 2 LEQ 1 FOR /F "TOKENS=*" %G IN (AVChkB) DO @NIRCMD INFOBOX "ComboFix has detected the following real time scanner(s) to be active:~n~n%G~n~nAntivirus and intrusion prevention programs are known to interfere~nwith ComboFix's running. This may lead to unpredictable results or~npossible machine damage.~n~nPlease disable these scanners before clicking 'OK'." "Warning !" "" && GOTO Av-check IF 2 GTR 1 FOR /F "TOKENS=*" %G IN (AVChkB) DO @NIRCMD INFOBOX "%G~n~nThe above real time scanner(s) are still active but ComboFix shall~ncontinue to run. Kindly note that this is at your own risk" "Warning !" "" ) Сообщение от модератора vasdas Убрано в спойлер. Как я понял это чтото с ComboFix-ом связано. Папку просто удалить? Изменено 28 мая, 2010 пользователем vasdas
vetal07 Опубликовано 28 мая, 2010 Автор Опубликовано 28 мая, 2010 Помогите плиззз, я устанавливал игру CS и после этого Opera не разворачивается=(( Она внизу висит. Уже и переустанавливал, не помогает( В диспетчере устройств написано что приложение работает.
Fasawe Опубликовано 28 мая, 2010 Опубликовано 28 мая, 2010 (изменено) Давайте разбирать по порядку... Там еще есть запускающий AspackDie, антивирус на него ругается. Цитирую один чудный сайт(Указать ссылку не имею права): Антивирусники всегда ругались и будут ругаться на HackTool (хакерские утилиты). Просьба внимательно читать, что написано в окне детекта антивиря. Все комментарии типа "там вирус!" или "заражено трояном! не скачивайте!" будут удаляться. Короче айайай! Но на другом сайте рекомендовали вместо этого анпакера другой - Aspackunpacker... Как я понял это чтото с ComboFix-ом связано.Папку просто удалить? http://forum.kaspersky.com/index.php?showt...18#entry1136465 Изменено 28 мая, 2010 пользователем Fasawe
thyrex Опубликовано 28 мая, 2010 Опубликовано 28 мая, 2010 Fasawe, Вы внимательно читали последнее сообщение (№20) пользователя? vetal07, какое отношение имеют проблемы с установкой игры и проблемой с Опера к вирусному заражению?
vetal07 Опубликовано 28 мая, 2010 Автор Опубликовано 28 мая, 2010 (изменено) Сначала я установил кс. При установке был запущен мой компьютер и Opera и они не разворачивались. Я восстановил систему и все стало норм. После этого я еще раз установил кс, и opera не разворачивается опять=( но теперь даже восстановление системы не действует. P.S Эта проблема не связана с той что я писал ранее. Изменено 28 мая, 2010 пользователем vetal07
snifer67 Опубликовано 28 мая, 2010 Опубликовано 28 мая, 2010 А если оперу удалить на время установки КС?
vetal07 Опубликовано 28 мая, 2010 Автор Опубликовано 28 мая, 2010 Та не в этом проблема.. Мне не нужна кс) мне над оперу восстановить
vetal07 Опубликовано 29 мая, 2010 Автор Опубликовано 29 мая, 2010 Все починил)) Оказалось что Opera была на втором экране которого у мну нет=)) вытащил я ее с помощью приложения HobRes
Рекомендуемые сообщения